Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/45uoar-h3ujfgFyGuGc0JV5-O8U.roa
File:                     45uoar-h3ujfgFyGuGc0JV5-O8U.roa (raw, json)
Hash identifier:          VSM+A23rMFUuUddZD21ZdGf9wKbvg/mtSBG37QE9g7g=
Subject key identifier:   E3:9B:A8:6A:BF:A1:DE:E8:DF:80:5C:86:B8:67:34:25:5E:7E:3B:C5
Certificate issuer:       /CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
Certificate serial:       018CC64AAADC7711362D6C7DB683C70AADEA
Authority key identifier: 3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/45uoar-h3ujfgFyGuGc0JV5-O8U.roa
Signing time:             Mon 01 Jan 2024 18:30:31 +0000
ROA not before:           Mon 01 Jan 2024 18:30:31 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     206276
IP address blocks:        212.63.112.0/22 maxlen: 22
                          185.179.184.0/22 maxlen: 22
                          194.49.56.0/22 maxlen: 22
                          45.8.12.0/22 maxlen: 22
                          185.190.100.0/22 maxlen: 22
                          78.142.212.0/22 maxlen: 22
                          193.38.224.0/22 maxlen: 22

Validation:               Failed, certificate revoked on Fri 16 Aug 2024 08:38:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c6:4a:aa:dc:77:11:36:2d:6c:7d:b6:83:c7:0a:ad:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3dfa29368c8be69c8edd5aa193557fcba2a57ec8
        Validity
            Not Before: Jan  1 18:30:31 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=e39ba86abfa1dee8df805c86b86734255e7e3bc5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:bb:b5:8f:5b:e2:79:f8:13:3e:29:d8:27:e8:
                    c7:64:2c:4d:13:82:8c:a2:2b:23:ab:60:7b:9f:81:
                    d4:bc:7f:12:2c:71:04:25:44:2f:8a:cc:53:55:34:
                    39:a4:f0:71:e9:04:2d:96:ec:14:ba:46:a3:63:bc:
                    00:32:90:27:a7:fe:9d:43:83:57:90:5b:52:b5:df:
                    df:70:b2:11:43:f9:ea:2f:ce:0d:7c:4a:aa:a3:94:
                    07:cc:17:f1:6b:68:5c:b8:dc:a1:36:bc:a3:76:25:
                    4c:20:3f:a8:07:b6:02:1c:11:14:4e:0f:85:bc:32:
                    6c:c6:b9:35:17:ff:08:29:0c:c5:a3:d4:ea:73:bf:
                    13:f7:0e:5e:fb:e3:c7:f6:e3:f0:bf:5e:bd:3d:d0:
                    f6:7b:1a:67:8c:57:e9:b2:75:3e:c0:53:df:1b:33:
                    51:4a:67:4c:ab:74:6d:f3:09:b6:be:58:d1:26:ad:
                    c9:21:03:9a:35:16:1c:b4:2e:d8:8f:45:a8:39:d2:
                    a0:0b:51:a8:77:6e:ef:e1:6f:e4:e6:10:04:fa:30:
                    81:37:6d:52:75:15:87:84:ae:68:22:aa:fc:81:90:
                    77:ad:27:0e:92:b2:da:6e:1c:78:e7:27:81:20:bb:
                    18:4a:95:0e:47:e4:c7:06:ef:63:9a:5d:0b:65:1c:
                    59:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:9B:A8:6A:BF:A1:DE:E8:DF:80:5C:86:B8:67:34:25:5E:7E:3B:C5
            X509v3 Authority Key Identifier:
                keyid:3D:FA:29:36:8C:8B:E6:9C:8E:DD:5A:A1:93:55:7F:CB:A2:A5:7E:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfopNoyL5pyO3Vqhk1V_y6Klfsg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/45uoar-h3ujfgFyGuGc0JV5-O8U.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/43/2d4f7f-16e7-4fe6-a189-bd58d0021a09/1/PfopNoyL5pyO3Vqhk1V_y6Klfsg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.12.0/22
                  78.142.212.0/22
                  185.179.184.0/22
                  185.190.100.0/22
                  193.38.224.0/22
                  194.49.56.0/22
                  212.63.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:5a:44:53:ed:d3:63:a0:c0:ed:14:40:d2:3b:f5:c6:70:0f:
         85:18:f4:5c:dd:0e:17:23:48:f0:fa:ed:38:63:25:16:f8:e5:
         57:ea:25:29:62:95:1b:7d:3c:61:8f:41:b4:d2:4e:64:67:ca:
         3a:0d:b5:4c:be:da:13:90:d9:b9:b2:50:df:95:00:9c:ea:07:
         ce:c9:ac:b9:a2:6f:42:2b:03:f2:d4:96:8d:d4:82:85:aa:94:
         08:54:7a:d9:bb:fb:3b:db:60:7e:55:24:ba:29:8c:1d:c7:cb:
         b1:51:52:88:bf:40:b1:c8:a0:2d:72:44:1d:19:29:e9:7a:56:
         c7:cb:70:6e:2c:15:9c:a7:9c:07:83:a8:90:5d:aa:bb:d0:38:
         40:19:48:61:0c:7c:44:34:a2:9e:a4:43:aa:a4:7d:ab:7a:65:
         71:28:59:e3:b2:10:59:c6:25:e3:cf:b6:c8:3f:e4:cf:86:a4:
         ec:0f:ad:5c:fd:ec:69:2c:cd:b9:ca:35:36:3f:e2:a8:8f:bc:
         bb:4d:61:18:b2:bf:d9:a1:3f:8e:42:e4:60:f0:f0:cc:2f:72:
         5e:36:e2:31:44:26:46:f9:d6:a6:e2:e2:23:3c:9e:42:cb:21:
         20:83:34:f9:c3:a2:84:35:04:f3:61:e6:b1:a6:33:55:e5:8b:
         70:e9:cd:8b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzGSqrcdxE2LWx9toPHCq3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZmEyOTM2OGM4YmU2OWM4ZWRkNWFhMTkzNTU3ZmNiYTJh
NTdlYzgwHhcNMjQwMTAxMTgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzliYTg2YWJmYTFkZWU4ZGY4MDVjODZiODY3MzQyNTVlN2UzYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLu1j1viefgTPinYJ+jHZCxNE4KM
oisjq2B7n4HUvH8SLHEEJUQvisxTVTQ5pPBx6QQtluwUukajY7wAMpAnp/6dQ4NX
kFtStd/fcLIRQ/nqL84NfEqqo5QHzBfxa2hcuNyhNryjdiVMID+oB7YCHBEUTg+F
vDJsxrk1F/8IKQzFo9Tqc78T9w5e++PH9uPwv169PdD2expnjFfpsnU+wFPfGzNR
SmdMq3Rt8wm2vljRJq3JIQOaNRYctC7Yj0WoOdKgC1God27v4W/k5hAE+jCBN21S
dRWHhK5oIqr8gZB3rScOkrLabhx45yeBILsYSpUOR+THBu9jml0LZRxZVQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOObqGq/od7o34BchrhnNCVefjvFMB8GA1UdIwQY
MBaAFD36KTaMi+acjt1aoZNVf8uipX7IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODkt
YmQ1OGQwMDIxYTA5LzEvNDV1b2FyLWgzdWpmZ0Z5R3VHYzBKVjUtTzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8yZDRmN2YtMTZlNy00ZmU2LWExODktYmQ1OGQwMDIxYTA5
LzEvUGZvcE5veUw1cHlPM1ZxaGsxVl95NktsZnNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLQgMAwQC
To7UAwQCubO4AwQCub5kAwQCwSbgAwQCwjE4AwQC1D9wMA0GCSqGSIb3DQEBCwUA
A4IBAQAgWkRT7dNjoMDtFEDSO/XGcA+FGPRc3Q4XI0jw+u04YyUW+OVX6iUpYpUb
fTxhj0G00k5kZ8o6DbVMvtoTkNm5slDflQCc6gfOyay5om9CKwPy1JaN1IKFqpQI
VHrZu/s722B+VSS6KYwdx8uxUVKIv0CxyKAtckQdGSnpelbHy3BuLBWcp5wHg6iQ
Xaq70DhAGUhhDHxENKKepEOqpH2remVxKFnjshBZxiXjz7bIP+TPhqTsD61c/exp
LM25yjU2P+Koj7y7TWEYsr/ZoT+OQuRg8PDML3JeNuIxRCZG+dam4uIjPJ5CyyEg
gzT5w6KENQTzYeaxpjNV5Ytw6c2L
-----END CERTIFICATE-----
Generated at Fri Aug 16 10:13:44 2024 by rpki-client on console-fra.rpki-client.org